Risk Management in the Nonprofit Sector Survey

Risk Management in the Nonprofit Sector (2025)

Welcome and thank you for your interest in our survey!

What type of organization do you work for?

Nonprofit organization

Something else

Your Nonprofit's Risk Management Goals and Priorities

Most nonprofit risk functions have multiple goals. Which of the following would you describe as the #1 goal or most important goal of your risk management function, program or commitment?

Ensuring compliance (e.g., compliance with laws and regulations, funder requirements, and policies we adopt to support the organization’s health and well-being)

Improving decision-making (e.g., understanding key risks to inform the day-to-day decisions we make and actions we take in support of our mission)

Informing strategy (e.g., supporting our board and staff team as they consider the risks key to advancing our nonprofit’s mission)

Preventing injury/harm (e.g., minimizing and preventing harm to the people and communities we serve, harm to staff members and volunteers, and harm to members of the public)

Other (please specify)

Please describe primary goal of risk management at your nonprofit below:

Are you planning to reorganize, rebuild, evolve or re-prioritize your nonprofit's risk management approach during the next 12 months?

You selected 'Other' in the previous question relating to reorganizing, rebuilding, evolving, or re-prioritizing your nonprofit's risk management approach. Please describe the timeline for your changes below.

Choose the answers that best describe how your nonprofit will reorganize or evolve your approach to risk management.

Select all that apply.

We are forming (or re-starting) a Risk Management Committee.

We are planning to hire one or more new staff members with risk responsibilities.

We are exploring ways to engage with our Board/Board Committees around the risks we face.

We are hoping to revise our approach to conducting Risk Assessments.

We are planning to take a fresh look at how our risk function and activities are structured.

We are hoping to broaden our approach to include areas or teams that haven't typically been involved.

We are planning to create and adopt a unifying Risk Framework.

We are planning to eliminate one or more risk response and build risk responsibilities into other, broader roles.

Other (please specify)

Please describe how you are planning to change your risk function.

Risk Management Responsibility at Your Nonprofit

Who is primarily responsible for risk management at your nonprofit? (Check all that apply)

One person (e.g., Risk Manager, Director of Safety, CFO, etc.)

A cross-functional staff-level team or committee

A cross-functional management / executive-level team or committee

No one is assigned to handle risk management

A risk management department or team

A staff risk management committee

I don't know

Other

Describe who is responsible for risk management at your nonprofit

What is the primary role of the individual or team you indicated was responsible for risk management at your nonprofit?

Identifying, assessing, and managing risks

Educating other teams/team members about the discipline of risk management

Internal audit

Insurance program management

Compliance

Reporting to constituents (e.g., board, executives, funders) about your organization's risks and risk management efforts

Managing Risks at Your Nonprofit

Rate your level of satisfaction with your organization's management of your top risks.

Review the three types of risks described below. For each type of risk, select from the drop-down the rating that best describes your organization's risk management capabilities with respect to that risk type.

Preventable Risks

Undesirable future events, whose likelihood and potential impact can be managed through compliance efforts, such as changes in program design, policies, training, compliance activities, etc.

Strategic Risks

The nonprofit's 'big bets' - risks it willingly takes to achieve its mission

External Risks

Risks the nonprofit is unable to prevent, such as natural disasters, war/terrorism, recessions/inflation, changes in law/regulation; risk management emphasis is generally on developing contingency and crisis management plans

Does your nonprofit have a written risk management plan describing your risk management goals, approach and key strategies?

What is the #1 risk (a possibility: something that may or may NOT happen) you are focused on at this time?

(The risk that... The possibility that...)

Challenges and Successes in Risk Management

The next two questions will allow you to identify the top challenges that make it hard for your nonprofit to practice or strengthen risk management.

Select the #1 challenge that makes it hard for your nonprofit to practice or strengthen risk management:

Select the #2 challenge that makes it hard for your nonprofit to practice or strengthen risk management:

In one or both of the answers above, you selected "Other." Please describe your #1 and/or #2 challenges

Select the ways that understanding your risks has supported your nonprofit's mission or goals.

We make more informed decisions.

We are better prepared for emergencies.

We take more risks that advance our programs and mission.

We remain resilient during periods of disruption or during crisis events.

We are better able to candidly discuss challenges and concerns in the workplace.

Other (please specify)

Please describe how understanding your risks has supported your nonprofit's mission or goals.

Your Board and Risk

To what degree do you believe that the board, management, and front-line staff share the same risk appetite?

Risk appetite refers to the type and amount of risks your organization believes is necessary to advance its mission.

There are major differences in the risk appetites of these constituents.

There may be nuances in how these constituent groups perceive risk, but no major differences.

All of these constituents seem to be aligned with regard to our risk appetite.

I don't know.

Which of the following most closely resembles your model for risk reporting and governance?

Staff report on risk issues to one or more senior managers, who in turn report to the CEO, who reports to the Board.

Staff report to a risk governance committee (e.g., Audit Committee, Risk Committee, etc.) who in turn reports to the Board.

Staff report to a senior leader, who in turns reports to a risk governance committee, who in turn reports to the board.

Risk reporting stays at the staff level only.

We don't report on our risks, and therefore there is no risk governance.

How often does the Board of Directors at your nonprofit talk about risk or risk management?

Has your Board of Directors recently become more interested in risk management?

About Your Nonprofit - Demographics

Which of the following best describes your role?

Please describe your role.

Please select the category that corresponds to total operating expenses at your nonprofit for the most recent fiscal year.

Please choose one, two or three categories below that are the closest match to your nonprofit's mission or the types of programs you offer.

Advocacy

Arts or culture

Education and/or research

Environmental issues

Grantmaker/Philanthropy

Health services/medical/disease

Housing services

Human or social services

International aid, relief or services

Sports or recreation

Scientific

Religious (church or faith-based organization)

Research

Professional association

Trade association

Financial services

Human rights

Animal rights, animal rescue

Management assistance organization

Other (please specify)

Please describe your nonprofit's mission/services type.

Please select the staff size category that best describes your nonprofit (please count employees, not volunteers, and include employees in all locations).

If you’d like to speak with us to provide additional input, please share your email in the space below and we will be in touch!

Name

First Last

Thank you for your interest! Since this survey is only for nonprofits, we do not need your answers at this time. Stay tuned for the survey results, which will be published in an upcoming issue of the RISK eNews.

Risk Survey

Risk Management in the Nonprofit Sector (2025)

Welcome and thank you for your interest in our survey!

Your Nonprofit's Risk Management Goals and Priorities

Risk Management Responsibility at Your Nonprofit

Managing Risks at Your Nonprofit

Challenges and Successes in Risk Management

Your Board and Risk

About Your Nonprofit - Demographics